-
New attack turned Microsoft 365 Copilot into 1-click data theft tool
A newly disclosed attack chain, dubbed SearchLeak, demonstrated how threat actors could transform Microsoft 365 Copilot Enterprise into a powerful one-click data exfiltration tool. By exploiting a sequence of vulnerabilities, attackers were able to extract sensitive corporate information from Microsoft…
-
The ‘Miasma’ worm source code briefly leaked on GitHub
The source code of Miasma, a sophisticated credential-stealing framework designed to compromise software supply chains, was recently exposed on GitHub through multiple compromised developer accounts. The incident offers a rare glimpse into how modern threat actors automate large-scale attacks against…
-
KnowledgeDeliver flaw exploited as a zero-day to install web shells
Threat actors exploited a critical zero-day vulnerability in KnowledgeDeliver to achieve unauthenticated remote code execution and deploy the Godzilla web shell, a powerful post-exploitation tool commonly used in advanced cyber intrusions. The vulnerability, tracked as CVE-2026-5426, stems from insecure ASP.NET…
-
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian-linked cyber-espionage group known as Secret Blizzard has significantly upgraded its long-running Kazuar malware framework, transforming it into a highly modular peer-to-peer (P2P) botnet optimized for stealth, persistence, and intelligence collection. The latest Kazuar variant introduces decentralized communications, internal…
-
New Linux ‘Dirty Frag’ zero-day gives root on all major distros
Security researchers have disclosed a new Linux zero-day vulnerability chain dubbed Dirty Frag, a high-severity local privilege escalation exploit that allows attackers to obtain root access on most major Linux distributions using a single command. The exploit affects the Linux…
-
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
A sophisticated software supply-chain attack has compromised multiple versions of DAEMON Tools, resulting in the distribution of trojanized installers that deployed a stealth backdoor to thousands of devices worldwide. The malicious installers were reportedly distributed through the software’s official website…
-
Popular WordPress redirect plugin hid dormant backdoor for years
A widely used WordPress plugin, Quick Page/Post Redirect, has been found to contain a long-standing backdoor capable of enabling arbitrary code execution on affected websites. The plugin, installed on over 70,000 sites, was temporarily removed from the official directory after…
-
PyPI package with 1.1M monthly downloads hacked to push infostealer
A supply-chain attack has impacted the widely used PyPI package elementary-data, after attackers published a malicious release designed to steal developer secrets, cloud credentials, and cryptocurrency wallet data. The compromised version, 0.23.3, was distributed through both PyPI and the project’s…
-
New GoGra malware for Linux uses Microsoft Graph API for comms
Security researchers have identified a new Linux variant of the GoGra backdoor that abuses Microsoft cloud services for covert command-and-control communications. Instead of relying on traditional attacker infrastructure, the malware uses the Microsoft Graph API and an Outlook mailbox to…
Must-Read Posts
- ‘PlushDaemon’ hackers hijack software updates in supply-chain attacks
- Adidas warns of data breach after customer service provider hack
- AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
- AI in Cybersecurity: Revolutionizing Defense Against Emerging Threats
- Android gets patches for Qualcomm zero-day exploited in attacks
